We are currently developing an antivirus app where we also want to scan the file-uploads directly (best case would be to scan them before they are available in the nextcloud instance).
We already found the files_antivirus and the Ransomware protection apps. When I understand the code correctly, both use a preSetup Hook on OC_Filesystem for that.
The first thing we see there is the following quote:
Deprecated since version 18: Use the OCP event dispatcher instead.
And we find no documentation about the OC_Filesystem hooks themselfs (which would be ok, because we can look into the code for that).
The question is: Is this hook still the way to do this kind of scanning or is there a better way. And also important, if we use the connectHook to hook OC_Filesystem, will that hook be available in the future?
I think it’s the client’s job to find viruses and not the cloud’s job. Especially when there are practically only Windows viruses and many people use Android, iOS, Linux or macOS as Nextcloud clients But of course this is often required in terms of compliance and Microsoft 365 also offers this. Incidentally, in my opinion, the risk of viruses has diminished because operating systems such as Windows 10/11 are updated much more frequently nowadays and are therefore less susceptible. Perhaps you should reassess the risk.
There is also the antivirus app. Have you had a look at that if it solved your problem eventually or you can at least have a look at their implementation.
So. Looking at the connectHook function in the source code of the server it states:
So I guess it’s clear not to use it anymore. But I cannot find a good replacement event for what we want to achive. Is the list of events here not complete? Or is an Event missing where we can interfer with the upload of files (make them unavailable in the frontend before they are downloadable by a user)?
I looked into the server code. The corresponding line is here.
Currently, there is only the way using OC_Hook. You can for sure file a PR against the server code to additionally dispatch a typed event right after that. Might be useful. But for now, you have to stick with OC_Hook as it is the only option to do it with the current master branch of the server.
Hi, thank you for the input, we now took inspiration from the files_antivirus app and implemented it with a storage wrapper until there is no other option.
But of course this is often required in terms of compliance and Microsoft 365 also offers this. Incidentally, in my opinion, the risk of viruses has diminished because operating systems such as Windows 10/11 are updated much more frequently nowadays and are therefore less susceptible. Perhaps you should reassess the risk.